GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
309 advisories
Filter by severity
When malicious images are pulled by isula pull, attackers can execute arbitrary code.
High
Unreviewed
CVE-2021-33635
was published
Oct 29, 2023
When the isula export command is used to export a container to an image and the container is...
Moderate
Unreviewed
CVE-2021-33637
was published
Oct 29, 2023
iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.
Moderate
Unreviewed
CVE-2021-33634
was published
Oct 29, 2023
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized....
Moderate
Unreviewed
CVE-2023-5370
was published
Oct 4, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak...
Moderate
Unreviewed
CVE-2023-20594
was published
Sep 20, 2023
Improper initialization of variables in the DXE driver may allow a privileged user to leak...
Moderate
Unreviewed
CVE-2023-20597
was published
Sep 20, 2023
In Splunk Enterprise versions earlier than 8.2.12, 9.0.6, and 9.1.1, a dynamic link library (DLL)...
High
Unreviewed
CVE-2023-40596
was published
Aug 30, 2023
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond ...
High
Unreviewed
CVE-2020-35342
was published
Aug 22, 2023
Jenkins Gogs Plugin vulnerable to unsafe default behavior and information disclosure
Moderate
CVE-2023-40349
was published
for
org.jenkins-ci.plugins:gogs-webhook
(Maven)
Aug 16, 2023
Improper initialization in BIOS firmware for some Intel(R) NUCs may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-27887
was published
Aug 11, 2023
Improper initialization in some Intel(R) NUC 13 Extreme Compute Element, Intel(R) NUC 13 Extreme...
Moderate
Unreviewed
CVE-2023-22444
was published
Aug 11, 2023
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged...
Moderate
Unreviewed
CVE-2022-38083
was published
Aug 11, 2023
Improper initialization in some Intel(R) NUC BIOS firmware may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-22356
was published
Aug 11, 2023
Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B...
Moderate
Unreviewed
CVE-2023-3242
was published
Jul 26, 2023
Vulnerability of signature verification in the iaware system being initialized later than the...
Moderate
Unreviewed
CVE-2022-48518
was published
Jul 6, 2023
Improper initialization for some Intel(R) NUC BIOS firmware may allow a privileged user to...
Moderate
Unreviewed
CVE-2022-31477
was published
May 10, 2023
A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote...
High
Unreviewed
CVE-2023-27934
was published
May 8, 2023
A malicious actor may convince a victim to open a malicious USD file that may trigger an...
High
Unreviewed
CVE-2023-25010
was published
Apr 17, 2023
Some smartphones have data initialization issues. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2022-48352
was published
Mar 28, 2023
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might...
High
Unreviewed
CVE-2023-1513
was published
Mar 23, 2023
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt:...
Moderate
Unreviewed
CVE-2023-27115
was published
Mar 10, 2023
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion...
Moderate
Unreviewed
CVE-2021-22283
was published
Feb 28, 2023
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM...
High
Unreviewed
CVE-2023-1048
was published
Feb 26, 2023
A vulnerability classified as critical was found in TechPowerUp RealTemp 3.7.0.0. This...
High
Unreviewed
CVE-2023-1047
was published
Feb 26, 2023
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
Moderate
Unreviewed
CVE-2021-3329
was published
Feb 26, 2023
ProTip!
Advisories are also available from the
GraphQL API